AWS Practitioner
Amazon CloudFront
Amazon CloudFront is a content delivery network (or CDN) used to distribute content to end users to reduce latency.
variable expense
Variable expense: A variable expense is an expense that the person who bears the cost can alter or avoid.
Which categories are fundamental drivers of cost with AWS?
-Compute -Storage -Data transfer
Which task is the customer responsible for, according to the Amazon Web Services (AWS) shared responsibility model?
Ensuring that users have entered a user ID and password before they use an application
What does the statement "Massive economies of scale" mean in terms of cloud computing?
-the cost of cloud computing has a lower variable cost -massive economies of scale translate into lower pay-as-you-go prices.
Point of Presence
A Point of Presence is where end users access AWS services through either the Amazon CloudFront or the Amazon Route 53 service.
An administrator wants to create new users for Amazon Web Services (AWS) and assign permissions to these users. Which service should the administrator use?
AWS Identity and Access Management (IAM)
Which services are in the Amazon Web Services (AWS) Storage category?
-Amazon Simple Storage Service (Amazon S3) -Amazon Elastic File System (Amazon EFS)
3 ways to interact with AWS
-console -CLI -SDKs
What are advantages of Cloud Computing?
-Trade capital expense for variable expense -benefit from massive economies of scale -Stop guessing capacity -Increase speed and agility -Stop spending money running and maintaining data centers -Go global in minutes
Which options are examples of operating systems?
-iOS -Amazon Linux 2
Which area of concern does the Amazon Web Services (AWS) shared responsibility model address, in addition to Security?
Compliance
What is Amazon Web Services (AWS) responsible for, according to the AWS shared responsibility model?
Security of the cloud
Which cloud computing model allows the user to immediately use a service without having to run or manage any resources?
Software as a service (SaaS)
Which scenario is an example of software as a service (SaaS) in cloud computing?
The third-party vendor manages the website's patching and the procurement of resources. The developer is responsible for the content.
hypervisor
a software layer, which provides access to the resources of the physical computer (CPU, memory, disk, network) to the VM
3 fundamental drivers of cost with AWS
compute, storage, and outbound data transfer.
Service characteristics
Infrastructure as a service (IaaS) refers to services that provide basic building blocks for cloud IT. These building blocks typically include network configuration, computers (virtual or on dedicated hardware), and data storage space. Cloud services that can be characterized as IaaS provide the customer with the highest level of flexibility and management control over IT resources. IaaS services are most similar to existing on-premises computing resources that many IT departments are familiar with. AWS services—such as Amazon EC2—can be categorized as IaaS. Thus, the customer must perform all necessary security configuration and management tasks. Customers who deploy EC2 instances are responsible for managing the guest OS (including updates and security patches), any application software that's installed on the instances, and configuring the security groups that were provided by AWS. Platform as a service (PaaS) refers to services that reduce the customer's need to manage the underlying infrastructure (hardware, OS, and other resources). PaaS services enable the customer to focus on deploying and managing applications. Customers don't need to worry about resource procurement, capacity planning, software maintenance, or patching. AWS services such as AWS Lambda and Amazon RDS can be categorized as PaaS because AWS operates the infrastructure layer, the operating system, and platforms. Customers only need to access the endpoints to store and retrieve data. With PaaS services, customers are responsible for managing their data, classifying their assets, and applying the appropriate permissions. However, these services act more like managed services, with AWS handling a larger portion of the security requirements.
For these services, AWS handles basic security tasks—such as OS and database patching, firewall configuration, and disaster recovery (DR). Software as a service (SaaS) refers to services that provide centrally hosted software that's typically accessible through a web browser, mobile app, or application programming interface (API). The licensing model for SaaS offerings is generally subscription or pay as you go. With SaaS offerings, customers don't need to manage the infrastructure that supports the service. Some AWS services—such as AWS Trusted Advisor, AWS Shield, and Amazon Chime—could be categorized as SaaS offerings, given their characteristics. AWS Trusted Advisor is an online tool that analyzes your AWS environment and provides real-time guidance and recommendations to help you provision your resources by following AWS best practices. The Trusted Advisor service is offered as part of your AWS Support plan. Some of the Trusted Advisor features are free to all accounts, but Business Support and Enterprise Support customers have access to the full set of Trusted Advisor checks and recommendations. AWS Shield is a managed distributed denial of service (DDoS) protection service that safeguards applications that run on AWS. It provides always-on detection and automatic inline mitigations that minimize application downtime and latency. Thus, customers don't need to engage AWS Support to benefit from DDoS protection. AWS Shield Advanced is available to all customers. However, to contact the DDoS Response Team, customers must have either Enterprise Support or Business Support from AWS Support. Amazon Chime is a communications service that enables you to meet, chat, and place business calls inside and outside your organization, all by using a single application. It's a pay-as-you-go communications service with no upfront fees, commitments, or long-term contra
VM host
the physical machine
Which resources are examples of database management system applications?
-MySQL -Oracle
AWS Region
-is a geographical area -each region is made up of two or more availability zones -AWS has 25 regions worldwide -you enable and control data replication across regions -communication between regions uses AWS backbone network connections infrastructure
Availability Zone
-made up of one or more data centers -designed for fault isolation -interconnected with other availability zones by using high-speed private links
What is an application?
A set of instructions that run on a computer to perform specific tasks
Which payment options are available for most Amazon Elastic Compute Cloud (Amazon EC2) Reserved Instances?
-All Upfront payment option -Partial Upfront payment option -No Upfront payment option
Which statements describe the benefits of using the AWS Pricing Calculator?
It estimates monthly services costs. It can identify opportunities for cost reduction. It uses templates to model solutions
Phases of Software Development Lifecycle
• Plan - What is the problem and what resources do you need to solve it? • Analyze - What do you want from a solution? • Design - How will you build what you want? • Develop - Build what you have designed. • Test - Did you get what you want? • Implement - Start to use what you built. • Maintain - Improve what you built
Web application
Runs in a web server or application server, and is accessed from a web browser
Which resource or ability is the AWS global infrastructure designed and built to deliver?
Scalability
Which options are AWS services categories?
-Security, Identity, and Compliance -Compute
What is a server?
A computer that provides data or services to other computers. A server provides a response to a request from a client computer over a network
TCO (Total Cost of Ownership)
A financial estimate to help identify direct and indirect costs of a system. Use TCO: Compare the costs of running an entire infrastructure environment or specific workload on-premise versus the AWS Cloud. Budget and build the business case for moving to the cloud.
What is an AWS Region?
A geographical area in the world.
Which resource is provided in the AWS Documentation?
Tutorials and projects
How many Availability Zones are in an AWS Region?
Two or more
AWS Security, Identity, and Compliance Services
AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. By using IAM, you can create and manage AWS users and groups. You can use IAM permissions to allow and deny user and group access to AWS resources. AWS Organizations allows you to restrict what services and actions are allowed in your accounts. Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps. AWS Artifact provides on-demand access to AWS security and compliance reports and select online agreements. AWS Key Management Service (AWS KMS) enables you to create and manage keys. You can use AWS KMS to control the use of encryption across a wide range of AWS services and in your applications. AWS Shield is a managed distributed denial of service (DDoS) protection service that safeguards applications running on AWS.
Which AWS service allows for creation of estimates, sharing of an estimate via a unique link, and also provides an option to revisit any estimates directly through a browser?
AWS Pricing Calculator
Which statement describes Amazon Web Services (AWS)?
AWS is a secure cloud services provider that offers many services to help businesses scale and grow.
Memory
-Holds instructions and data for the CPU to run and use -CPU retrieves program instructions from memory -CPU retrieves and stores program data in memory -Memory is temporary storage. The data is lost when the computer is turned off. -Size of memory is measured in megabytes(MB) or gigabytes(GB) -1 megabyte(MB)~ a million bytes or characters -more memory = faster performance -Memory is also called Random Access memory -More memory enables the OS to load more applications into memory at once, or keep all of an application's data in memory at one time. The result is improved system performance.
Which types of data transfer for Amazon Simple Storage Service (Amazon S3) are free?
-Outbound data transfer from Amazon S3 to Amazon CloudFront in the same Region -Inbound data transfer from the internet to Amazon S3
What are benefits of trading capital expense for variable expense?
-Paying only when computing resources are consumed -Paying only for how much is consumed
Which components are physical parts of a computer system?
-The motherboard -the network card
network interface card
-connects a computer to a computer network -enables a computer to communicate over a network, such as the internet -different types of network cards provide wired or wireless connection options -speed of a network card is measured in gigabits per second -also called a network adapter
Amazon S3
-managed cloud storage that enables you to store data as objects in a bucket -objects can be almost any data file. -when you add objects to a bucket, you must give them a unique name which is called an object key. -Amazon S3 is object level storage -Buckets are logical containers for objects. You can have one or more objects in your account. For each bucket, you control access -Amazon S3 is designed to scale seamlessly and provide over 11 9s of durability.
flow of information for a web server
1. The user opens a browser on a client machine and enters the address of the web application's homepage. This address is called its home Uniform Resource Locator (URL), for example: https://anycompanywebapp.com. 2. The web server receives the client request and directs it to the appropriate web application. 3. The web application sends a request to the database server to access its application data. 4. The database server returns the requested data to the web application. 5. The web application builds the response webpage and passes it to the web
Which compute service enables users to create virtual machines in the cloud?
Amazon Elastic Compute Cloud (Amazon EC2)
Amazon Compute Services
Amazon Elastic Compute Cloud (Amazon EC2) provides resizable compute capacity as virtual machines in the cloud. Amazon EC2 Auto Scaling enables you to automatically add or remove EC2 instances according to conditions that you define. AWS Elastic Beanstalk is a service for deploying and scaling web applications and services on familiar servers such as Apache HTTP Server and Microsoft Internet Information Services (IIS). AWS Lambda enables you to run code without provisioning or managing servers. You pay only for the compute time that you consume, so you won't be charged when your code isn't running
Amazon Containers Services
Amazon Elastic Container Service (Amazon ECS) is a highly scalable, high-performance container orchestration service that supports Docker containers. Amazon Elastic Container Registry (Amazon ECR) is a fully managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images. Amazon Elastic Kubernetes Service (Amazon EKS) makes it easy to deploy, manage, and scale containerized applications that use Kubernetes on AWS. AWS Fargate is a compute engine for Amazon ECS that enables you to run containers without managing servers or clusters.
AWS database services
Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides resizable capacity while automating time-consuming administration tasks, such as hardware provisioning, database setup, patching, and backups. Amazon Aurora is a relational database that's compatible with MySQL and PostgreSQL. It's up to five times faster than standard MySQL databases and three times faster than standard PostgreSQL databases. Amazon Redshift enables you to run analytic queries against petabytes of data that's stored locally in Amazon Redshift. You can also run queries directly against exabytes of data that's stored in Amazon S3. It delivers fast performance at any scale. Amazon DynamoDB is a key-value and document database that delivers single-digit millisecond performance at any scale, with built-in security, backup and restore, and in-memory caching
What is a benefit of developing in a cloud environment?
Reducing the time needed to access computing resources
Which cloud computing model requires Amazon Web Services (AWS) to manage infrastructure security in its totality?
Software as a service (SaaS)
AWS cost management services
The AWS Cost and Usage Report contains the most comprehensive set of AWS cost and usage data available, including additional metadata about AWS services, pricing, and reservations. AWS Budgets enables you to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount. AWS Cost Explorer has an easy-to-use interface that enables you to visualize, understand, and manage your AWS costs and usage over time.
AWS management and governance services
The AWS Management Console provides a web-based user interface for accessing your AWS account. AWS Config provides a service that helps you track resource inventory and changes. Amazon CloudWatch enables you to monitor resources and applications. AWS Auto Scaling provides features that allow you to scale multiple resources to meet demand. AWS Command Line Interface provides a unified tool to manage AWS services. AWS Trusted Advisor helps you optimize performance and security. AWS Well-Architected Tool provides help in reviewing and improving your workloads. AWS CloudTrail tracks user activity and API usage
What is an advantage of cloud computing compared to on-premises computing?
Benefiting from massive economies of scale
Computer network
Connects multiple devices to share data and resources. Types of networks: -wired: devices connect by using an Ethernet cable -wireless: devices connect by using a Wi-Fi signal
benefits of using a VM
Cost savings - For example, you don't need to buy a new machine if you want to run a different operating system (OS) on your existing machine. You create a VM with the new OS and run it on your machine with virtualization software. • Efficiency - You can run multiple VMs on a single physical computer to handle different types of workloads and increase its utilization. VMs enable you to reduce computing resource waste due to under-utilized servers. • Reusability and portability - A virtual machine image defines all of the configuration, software, and applications that are installed in a VM. You can duplicate a VM image on one or more physical hosts without creating a new VM from scratch. This duplication promotes reusability and portability. For example, creating multiple copies of the same VM to respond to incoming requests can improve your applications' performance when the number of requests increases. You can also copy a VM image to a different host for backup purpose
AWS infrastructure features
First, it is elastic and scalable. This means resources can dynamically adjust to increases or decreases in capacity requirements. It can also rapidly adjust to accommodate growth. • Second, this infrastructure is fault tolerant, which means it has built-in component redundancy which enables it to continue operations despite a failed component. • Finally, it requires minimal to no human intervention, while providing high availability with minimal down time
Main components inside a computer
Hardware: -Motherboard -Central Processing Unit (CPU) -Memory -Storage drive -Network Card Software: -Operating System (OS) -Application
Motherboard
Holds all of the core computer hardware components together (Printed circuit board PCB connects directly or indirectly to): -CPU -Memory -Storage drive -Network card -Video card -Computer ports -RAM
A company has an on-premises data center and they also run a portion of their infrastructure in the cloud. Which cloud computing deployment model describes this scenario?
Hybrid deployment model
Infrastructure as a Service (IaaS)
Infrastructure as a Service (IaaS) contains the basic building blocks for cloud IT and typically provides access to networking features, computers (virtual or on dedicated hardware), and data storage space. IaaS provides you with the highest level of flexibility and management control over your IT resources and is most similar to existing IT resources that many IT departments and developers are familiar with today.
Which cloud computing model requires the customer to be more involved in managing infrastructure security?
Infrastructure as a service (IaaS)
Which cloud service model gives the user more control over IT resources, such as access to networking features, computers (either virtual or on dedicated hardware), and data storage space?
Infrastructure as a service (IaaS)
Which statements describe memory (RAM)?
It can be accessed quickly. It holds data temporarily.
What is the role of a motherboard in a computer system?
It connects all the components
What does the phrase "Go global in minutes" mean?
It means that users can deploy their solutions in multiple AWS Regions around the world, which often results in lower latency.
What is an Availability Zone?
One or more data centers that were built with fault isolation.
A software developer is focused on deploying code that integrates with their AWS infrastructure. Which cloud service model does this developer use?
Platform as a service (PaaS)
Reserved Instances
• All Upfront Reserved Instance (or AURI) • Partial Upfront Reserved Instance (or PURI) • No Upfront Payments Reserved Instance (or NURI)
Four general types of application maintenance:
• Corrective maintenance - Is used to fix a problem that occurs and for which a solution is identified. • Adaptive maintenance - Is required when something in the application's runtime environment is going to change. For example, an upgrade is planned for the database software that the application uses. • Perfective maintenance - Occurs when new or revised functionality is identified for the application. For example, the user requests a change in the user interface. • Preventive maintenance - Consists of changes that are made to avoid potential issues in the future. For example, code is redesigned or restructured for easier maintenance.
Data centers are designed with several factors in mind
• Each location is carefully evaluated to mitigate environmental risk • Data centers have a redundant design that anticipates and tolerates failure while maintaining service levels • To ensure availability, critical system components are backed up across multiple isolated locations that are known as Availability Zones • To ensure capacity, AWS continuously monitors service usage to deploy infrastructure to support availability commitments and requirements • Data center locations are not disclosed and all access to them is restricted • In case of failure, automated processes move customer data traffic away from the affected area
AWS responsibilities: Security of the cloud
• Physical security of data centers with controlled, need-based access, located in nondescript facilities; 24/7 security guards; two-factor authentication; access logging and review; video surveillance; and disk degaussing and destruction. • Hardware infrastructure including servers, storage devices, and other appliances that AWS services rely on. • Software infrastructure that hosts operating systems, service applications, and virtualization software. • Network infrastructure including routers, switches, load balancers, firewalls, and cabling. This includes nearly continuous network monitoring at external boundaries, secure access points, and redundant infrastructure with intrusion detection. • Virtualization infrastructure including instance isolatio
Some types of testing:
• Unit testing - Tests individual application components at the program level. The programmer usually does this test. • Integration testing - Tests the combination of multiple application components to verify that they work together correctly. • Security testing - Tests to see whether the application is vulnerable to internal or external threats. • Performance testing - Tests to see whether the application meets its expected performance requirements.
Customer Security in the cloud
• What content they choose to store on AWS • Which AWS services are used with the content • Which country that content is stored in • The format and structure of that content and whether it's masked, anonymized, or encrypted • Who has access to that content and how those access rights are granted, managed, and revok
AWS services with no charge
• Amazon Virtual Private Cloud (Amazon VPC) enables you to provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. • AWS Identity and Access Management (IAM) controls your users' access to AWS services and resources. • Consolidated Billing is a billing feature in the AWS Organizations service to consolidate payment for multiple AWS accounts. Consolidated billing provides: • One bill for multiple accounts. • The ability to easily track each account's charges. • The opportunity to decrease charges because of volume pricing discounts from combined usage. • And you can consolidate all of your accounts using Consolidated Billing and get tiered benefits. • AWS Elastic Beanstalk is a way for you to quickly deploy and manage applications in the AWS Cloud. • AWS CloudFormation gives developers and systems administrators a way to create a collection of related AWS resources and provision them in an orderly and predictable fashion. • Automatic Scaling automatically adds or removes resources according to conditions you define. The resources you are using increase seamlessly during demand spikes to maintain performance and decrease automatically during demand lulls to minimize costs. • AWS OpsWorks is an application management service that makes it easy to deploy and operate applications of all shapes and sizes.
What can you use a cloud computing platform for?
• Application hosting for an on-demand infrastructure that hosts internal or SaaS applications • Backup and storage capability to store data and build dependable backup solutions • Content delivery to distribute content worldwide, with high data transfer speeds • Hosting static and dynamic websites • Enterprise IT to host internal-facing or external-facing IT applications in the AWS Cloud • Various scalable database solutions, from hosted enterprise database software to non-relational database solutions
Amazon Storage Services
Amazon Simple Storage Service (Amazon S3) is an object storage service that offers scalability, data availability, security, and performance. Use it to store and protect any amount of data for websites, mobile apps, backup and restore, archive, enterprise applications, Internet of Things (IoT) devices, and big data analytics. Amazon Elastic Block Store (Amazon EBS) is high-performance block storage that is designed for use with Amazon EC2 for both throughput-intensive and transaction-intensive workloads. It's used for a range of workloads, such as relational and non-relational databases, enterprise applications, containerized applications, big data analytics engines, file systems, and media workflows. Amazon Elastic File System (Amazon EFS) provides a scalable, fully managed elastic Network File System (NFS) file system for use with AWS Cloud services and on-premises resources. It's built to scale on demand to petabytes, growing and shrinking automatically as you add and remove files. It reduces the need to provision and manage capacity to accommodate growth. Amazon Simple Storage Service Glacier is a secure, durable, and low-cost Amazon S3 cloud storage class for data archiving and long-term backup. It is designed to deliver 11 9s (99.999999999 percent) of durability, and to provide comprehensive security and compliance capabilities to meet stringent regulatory requirement
A developer wants to create a MySQL database that's hosted in a private subnet in Amazon Web Services (AWS). Which services should the developer use?
-Amazon Virtual Private Cloud (Amazon VPC) -Amazon Aurora
AWS Networking and Content Delivery Services
Amazon Virtual Private Cloud (Amazon VPC) enables you to provision logically isolated sections of the AWS Cloud. Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions. Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and application programming interfaces (APIs) to customers globally, with low latency and high transfer speeds. AWS Transit Gateway is a service that enables customers to connect their virtual private clouds (VPCs) and their on-premises networks to a single gateway. Amazon Route 53 is a scalable, cloud Domain Name System (DNS) web service that's designed to give you a reliable way to route end users to internet applications. It translates names (like www.example.com) into the numeric IP addresses (like 192.0.2.1) that computers use to connect to each other. AWS Direct Connect provides a way to establish a dedicated private network connection from your data center or office to AWS, which can reduce network costs and increase bandwidth throughput. AWS VPN provides a secure private tunnel from your network or device to the AWS global network.
Capex
Capital expense (capex): Capex consists of funds that a company uses to acquire, upgrade, and maintain physical assets such as property, industrial buildings, or equipment
CPU
Central Processing Unit. -Runs the instructions that it receives from applications and the OS -Can have multiple cores, which increases performance -Also called the processor -A CPU with multiple cores increases performance. For example, a dual-core CPU has two cores, which act as two separate CPUs. This arrangement enables the OS to run two separate applications at the same time, and therefore, speed up the system.
3 main cloud deployment types
Cloud (or all-in cloud) is a cloud-based application that is fully deployed in the cloud. All parts of the application run in the cloud. Applications in the cloud were either created in the cloud or migrated from an existing infrastructure. Cloud-based applications can be built on low-level infrastructure pieces (for example, networking, compute, or storage). Or they can use higher-level services that provide abstraction from the management, architecting, and scaling requirements of core infrastructure. A hybrid deployment is a way to connect infrastructure and applications between cloud-based resources and existing resources that are not in the cloud. The most common method of hybrid deployment is between the cloud and existing on-premises infrastructure. On-premises infrastructure is located in the physical confines of an enterprise, often in the company's data center. A hybrid deployment model is used to extend an organization's infrastructure into the cloud, while it connects cloud resources to an internal system. When you run a cloud infrastructure from your own data center, it is called an on-premises cloud (or private cloud). Although this kind of deployment lacks many of the benefits of cloud computing, it does provide dedicated resources. It's a popular choice for organizations that must meet certain compliance standards. In most cases, this deployment model is the same as legacy IT infrastructure, but it uses application management and virtualization to increase resource utilization
What is cloud computing?
Cloud computing is the on-demand delivery of compute power, database, storage, applications, and other IT resources. These resources are delivered through a cloud services platform via the internet, with pay-as-you-go pricing
Cloud service models
With infrastructure as a service (IaaS), you manage the server, which can be physical or virtual, and the operating system (Microsoft Windows or Linux). In general, the data center provider has no access to your server. With platform as a service (PaaS), someone else manages the underlying hardware and operating systems. In this way, you can run applications without managing underlying infrastructure (for example, patching, updates, maintenance, hardware, and operating systems). PaaS also provides a framework for developers that they can build on to create customized applications. With software as a service (SaaS), you manage your files while the service provider manages all data centers, servers, networks, storage, maintenance, and patching. You handle only the software and how you want to use it. You are provided with a complete product that the service provider runs and manages. Facebook and Dropbox are examples of SaaS. You manage your Facebook contacts and Dropbox files, and the service providers manage the systems
AWS Cloud Adoption Framework (AWS CAF)
organizes guidance into six areas of focus, called Perspectives. Each Perspective addresses distinct responsibilities. The planning process helps the right people across the organization prepare for the changes ahead. -Business -People -Governance -Platform -Security -Operations
Where does a server reside?
Servers reside in a data center. Data centers host all of an organization's computer and networking equipment, including: servers, storage devices, network devices (routers, switches, and hubs), cooling equipment, uninterruptible power supplies (UPS)
Operating system
shares and coordinates the use of CPU, memory, storage, and network by applications
What is Cloud Computing?
The practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer. It is the on-demand delivery of compute power, database, storage, applications, and other IT resources through a cloud services platform via the Internet with pay-as-you-go pricing.